cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3404
Views
15
Helpful
3
Replies

LAN with dynamic connection DefaultL2LGroup or DefaultRAGroup?

agcastle2000
Level 1
Level 1

Hi,

First of all, I'm not quite sure if the tunnel-group for a LAN with dynamic connection (ADSL) is DefaultL2LGroup or DefaultRAGroup.

After upgrading the 515-E to 7.2(2), the VPN L2L link between the 515-E in the hub office and the 1841 router in branch stopped working for some reason. I'm still picking up on the 7.2 commands so I don't know if some of the commands were not properly converted or I've changed something in the configuration.

I would be grateful if someone could look at the attached config and advise what to do.

Thanks, Archie

3 Replies 3

ggilbert
Cisco Employee
Cisco Employee

Hello

If the remote side is initiating a connection in Aggressive mode (like remote EzVpn etc..), then it will land on Default RA Group. If it is initiating the connection on Main mode, it will land on DefaultL2Lgroup.

So, since you said its a L2L tunnel, then if the remote address should be initiating the connection on Main mode.

Make sure the pre-shared key matches on the DefaultL2LGroup with the remote side.

The configs looks ok.

If it doesnt work, please run the following debugs

deb cry isa 129

deb cry ipsec 129

on the ASA and post it.

Rate this post, if it helps.

Cheers

Gilbert

Hi Gilbert,

Thanks for your response. I issued the debug statements that you suggested and the connection is landing on DefaultRAGroup. However, someone from the forum suggested to add the one line command below and it started working. Unfortunately, it's nowhere can be found from Cisco configuration examples or from any of the documentations.

tunnel-group-map default-group DefaultL2LGroup

Also, thanks for letting me know about Aggressive and Main modes.

Cheers,

Archie

Cool ,It 's helpful for me

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: